graphql-ruby icon indicating copy to clipboard operation
graphql-ruby copied to clipboard

Published 20 hours ago verified publisher icon rmosolgo

Print warning when custom validators are detected

Open vithushar opened this issue 8 months ago • 2 comments

Problem

Custom validators with I/O operations may fail unexpectedly due to GraphQL's default validate_timeout setting. Long-running I/O operations may not be terminated midway, resulting in unpredictable behavior.

See these PRs for more context: Manual timeout implementation: https://github.com/rmosolgo/graphql-ruby/pull/5263 Validate_timeout default value implementation: https://github.com/rmosolgo/graphql-ruby/pull/5258

We should make the risk of adding I/O bound custom validators more "in your face" in the gem for consumers.

solution

Print a warning when a custom validator is registered.

Screenshot 2025-03-20 at 9 43 22 PM

vithushar avatar Mar 21 '25 01:03 vithushar

Hey, thanks for looking into this. What if we made validate_timeout I/O-safe instead? I think the visit hooks in this module could be the place for that: https://github.com/rmosolgo/graphql-ruby/blob/6120645fe4785af403bcf32ea83413fea810190a/lib/graphql/static_validation/base_visitor.rb#L55

Implementation-wise, it'd be very much like #5263. What do you think?

rmosolgo avatar Mar 21 '25 10:03 rmosolgo

What if we made validate_timeout I/O-safe instead?

I'm very much on board with that. Let's do it!

vithushar avatar Mar 21 '25 13:03 vithushar